[Bug analyzer/106066] crash dump when "-fdump-analyzer" enabled

2022-06-23 Thread chipitsine at gmail dot com via Gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106066

--- Comment #1 from Илья Шипицин  ---
another crash using "-fanalyzer-verbose-state-changes"

stacktrace


during IPA pass: analyzer
src/ssl_crtlist.c:523:17: internal compiler error: Segmentation fault
  523 | entry = crtlist_entry_new();
  | ^
0xf3ec3f crash_signal
/home/ilia/gcc/gcc-master/gcc/toplev.cc:322
0x950028 c_tree_printer
/home/ilia/gcc/gcc-master/gcc/c/c-objc-common.cc:305
0x1eea9ef pp_format(pretty_printer*, text_info*)
/home/ilia/gcc/gcc-master/gcc/pretty-print.cc:1475
0x1e65b58 make_label_text(bool, char const*, ...)
/home/ilia/gcc/gcc-master/gcc/analyzer/analyzer.cc:439
0x1e6afc0 ana::state_change_event::get_desc(bool) const
/home/ilia/gcc/gcc-master/gcc/analyzer/checker-path.cc:409
0x1e68232 ana::checker_event::prepare_for_emission(ana::checker_path*,
ana::pending_diagnostic*, diagnostic_event_id_t)
/home/ilia/gcc/gcc-master/gcc/analyzer/checker-path.cc:237
0x1e8622f ana::checker_path::prepare_for_emission(ana::pending_diagnostic*)
/home/ilia/gcc/gcc-master/gcc/analyzer/checker-path.h:652
0x1e8622f ana::diagnostic_manager::emit_saved_diagnostic(ana::exploded_graph
const&, ana::saved_diagnostic const&)
/home/ilia/gcc/gcc-master/gcc/analyzer/diagnostic-manager.cc:1396
0x1e8a0d3 ana::dedupe_winners::emit_best(ana::diagnostic_manager*,
ana::exploded_graph const&)
/home/ilia/gcc/gcc-master/gcc/analyzer/diagnostic-manager.cc:1296
0x1e8677c ana::diagnostic_manager::emit_saved_diagnostics(ana::exploded_graph
const&)
/home/ilia/gcc/gcc-master/gcc/analyzer/diagnostic-manager.cc:1348
0x12e148a ana::impl_run_checkers(ana::logger*)
/home/ilia/gcc/gcc-master/gcc/analyzer/engine.cc:5846
0x12e230e ana::run_checkers()
/home/ilia/gcc/gcc-master/gcc/analyzer/engine.cc:5906
0x12d1c48 execute
/home/ilia/gcc/gcc-master/gcc/analyzer/analyzer-pass.cc:87
Please submit a full bug report, with preprocessed source (by using
-freport-bug).
Please include the complete backtrace with any bug report.
See  for instructions.

[Bug analyzer/106066] crash dump when "-fdump-analyzer" enabled

2022-06-24 Thread dmalcolm at gcc dot gnu.org via Gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106066

David Malcolm  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |NEW
   Last reconfirmed|                            |2022-06-24
     Ever confirmed|0                           |1

--- Comment #2 from David Malcolm  ---
Thanks for filing this bug.

I can reproduce both crashes with trunk.

[Bug analyzer/106066] crash dump when "-fdump-analyzer" enabled

2022-06-24 Thread dmalcolm at gcc dot gnu.org via Gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106066

--- Comment #3 from David Malcolm  ---
Minimal reproducer for crash in comment #0 (crash in dump_mem_ref seen with
_do_poll):

struct s {
  unsigned int f;
};
int use(unsigned int);
static struct s *arr;

void test(int n) {
  int i;
  for (i = 0; i < n; i++) {
    unsigned int n, e;
    e = arr[i].f;
    n = e ? 42 : 0;
    use(n);
  }
}

$ ./xgcc -B. -fanalyzer -fdump-analyzer -O1
../../src/gcc/testsuite/gcc.dg/analyzer/pr106066.c
during IPA pass: analyzer
../../src/gcc/testsuite/gcc.dg/analyzer/pr106066.c:12:16: internal compiler
error: Segmentation fault
   12 | n = e ? 42 : 0;
  | ~~~^~~
0x13fac05 crash_signal
../../src/gcc/toplev.cc:322
0xa3c54f tree_class_check(tree_node*, tree_code_class, char const*, int, char
const*)
../../src/gcc/tree.h:3638
0x15428d7 dump_mem_ref
../../src/gcc/tree-pretty-print.cc:1700
0x1544ce3 dump_generic_node(pretty_printer*, tree_node*, int, dump_flag, bool)
../../src/gcc/tree-pretty-print.cc:2061
0x1547439 dump_generic_node(pretty_printer*, tree_node*, int, dump_flag, bool)
../../src/gcc/tree-pretty-print.cc:2425
0x19af603 ana::dump_tree(pretty_printer*, tree_node*)
../../src/gcc/analyzer/region-model.cc:87
0x19af646 ana::dump_quoted_tree(pretty_printer*, tree_node*)
../../src/gcc/analyzer/region-model.cc:97
0x199d935 ana::sm_state_map::print(ana::region_model const*, bool, bool,
pretty_printer*) const
../../src/gcc/analyzer/program-state.cc:240
0x199fa94 ana::program_state::dump_to_pp(ana::extrinsic_state const&, bool,
bool, pretty_printer*) const
../../src/gcc/analyzer/program-state.cc:899
0x19761d5 ana::exploded_graph::get_or_create_node(ana::program_point const&,
ana::program_state const&, ana::exploded_node*)
../../src/gcc/analyzer/engine.cc:2584
0x1978504
ana::exploded_graph::maybe_process_run_of_before_supernode_enodes(ana::exploded_node*)
../../src/gcc/analyzer/engine.cc:3447
0x1977706 ana::exploded_graph::process_worklist()
../../src/gcc/analyzer/engine.cc:3113
0x197d252 ana::impl_run_checkers(ana::logger*)
../../src/gcc/analyzer/engine.cc:5833
0x197d66b ana::run_checkers()
../../src/gcc/analyzer/engine.cc:5907
0x1970646 execute
../../src/gcc/analyzer/analyzer-pass.cc:88
Please submit a full bug report, with preprocessed source (by using
-freport-bug).
Please include the complete backtrace with any bug report.
See  for instructions.

[Bug analyzer/106066] crash dump when "-fdump-analyzer" enabled

2022-06-24 Thread dmalcolm at gcc dot gnu.org via Gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106066

--- Comment #4 from David Malcolm  ---
(In reply to David Malcolm from comment #2)
> Thanks for filing this bug.
> 
> I can reproduce both crashes with trunk.

Correction: for src/ssl_crtlist.c I'm seeing the same crash as in comment #0
(in dump_mem_ref), rather than in c_tree_printer.